Comments on: Stippy Was Hacked! http://www.stippy.com/japan-news-and-media/stippy-was-hacked/ A fresh look at Japan, by gaijins for gaijins! Sat, 22 Nov 2008 12:36:55 +0000 http://wordpress.org/?v=2.6.3 By: Arion http://www.stippy.com/japan-news-and-media/stippy-was-hacked/#comment-81086 Arion Thu, 13 Nov 2008 18:44:37 +0000 http://www.stippy.com/japan-news-and-media/stippy-was-hacked/#comment-81086 Heavy... What you could do is hire someone to try and constantly hack your pc, and give you a heads up on any loose points in you system. A little weird, but it definitely heps tighten things up if you want. Heavy… What you could do is hire someone to try and constantly hack your pc, and give you a heads up on any loose points in you system. A little weird, but it definitely heps tighten things up if you want.

]]> By: jon http://www.stippy.com/japan-news-and-media/stippy-was-hacked/#comment-80769 jon Tue, 20 May 2008 04:21:08 +0000 http://www.stippy.com/japan-news-and-media/stippy-was-hacked/#comment-80769 i hope that every body receive my letter .plz save the ch.my reqest/ i hope that every body receive my letter .plz save the ch.my reqest/

]]> By: cakedollar http://www.stippy.com/japan-news-and-media/stippy-was-hacked/#comment-9313 cakedollar Mon, 28 May 2007 10:58:54 +0000 http://www.stippy.com/japan-news-and-media/stippy-was-hacked/#comment-9313 Ey, being hacked sucks I've run into problems like that before with sites I maintain. Wordpress does have some security problems, which is why you need to keep up to date with the versions :) However, a clever hacker can get in in a number of ways. For example, if you are using a shared hosting server then they can simply hack another website on the server and gain root access from there, and then have a field day. Back in the day, hackers would deface a site for kicks - nowadays they do far more malicious stuff as its profit-driven. If he managed to get hold of write privileges then you must start looking around the directory structure to make sure they haven't turned your site into a zombie (a remote pc under a hackers control that he can then rent out to spammers or whoever) by uploading spamming scripts etc and used the 'you got hacked' message as a smoke-screen. Also, look at the cronjobs to see if he didn't get sneaky and set one up - i've heard of cases where they'll set up cronjobs to restore removed files from a hidden backup :( Ey, being hacked sucks

I’ve run into problems like that before with sites I maintain. Wordpress does have some security problems, which is why you need to keep up to date with the versions :)

However, a clever hacker can get in in a number of ways. For example, if you are using a shared hosting server then they can simply hack another website on the server and gain root access from there, and then have a field day.

Back in the day, hackers would deface a site for kicks - nowadays they do far more malicious stuff as its profit-driven.

If he managed to get hold of write privileges then you must start looking around the directory structure to make sure they haven’t turned your site into a zombie (a remote pc under a hackers control that he can then rent out to spammers or whoever) by uploading spamming scripts etc and used the ‘you got hacked’ message as a smoke-screen.

Also, look at the cronjobs to see if he didn’t get sneaky and set one up - i’ve heard of cases where they’ll set up cronjobs to restore removed files from a hidden backup :(

]]> By: taxed-man http://www.stippy.com/japan-news-and-media/stippy-was-hacked/#comment-9131 taxed-man Sun, 27 May 2007 14:55:13 +0000 http://www.stippy.com/japan-news-and-media/stippy-was-hacked/#comment-9131 Welcome back stippy. We missed you. Welcome back stippy. We missed you.

]]> By: Leopold http://www.stippy.com/japan-news-and-media/stippy-was-hacked/#comment-8855 Leopold Fri, 25 May 2007 19:54:02 +0000 http://www.stippy.com/japan-news-and-media/stippy-was-hacked/#comment-8855 I feel your pain. One of my sites was hacked a few weeks ago. Thankfully my hacker was a bit more 'benevolent' (or incompetent) and only corrupted the front page. In fact, they even saved a copy of my original page for quick fixing! Maybe it was just an attempt to let me know I should beef up my security. Still, why not email me, instead of hacking my site and not telling me how they did it? Anyway, I think you should figure out how they hacked it in the first place before inviting them to come back and try again! I'm glad you had backups - stippy is a great site. You're running WordPress right? I believe there are a lot of security issues involved with the 3rd-party addons, so they probably just exploited that. Usually this (I think) involves a process called SQL injection. Here is a list of injection scanners that might help you find vulnerabilities if that's the problem: http://www.security-hacks.com/2007/05/18/top-15-free-sql-injection-scanners I'm not technical expert - just know what I know from running sites for a couple years. Good luck and glad to see you back! I feel your pain. One of my sites was hacked a few weeks ago. Thankfully my hacker was a bit more ‘benevolent’ (or incompetent) and only corrupted the front page. In fact, they even saved a copy of my original page for quick fixing! Maybe it was just an attempt to let me know I should beef up my security. Still, why not email me, instead of hacking my site and not telling me how they did it?

Anyway, I think you should figure out how they hacked it in the first place before inviting them to come back and try again! I’m glad you had backups - stippy is a great site.

You’re running WordPress right? I believe there are a lot of security issues involved with the 3rd-party addons, so they probably just exploited that. Usually this (I think) involves a process called SQL injection. Here is a list of injection scanners that might help you find vulnerabilities if that’s the problem: http://www.security-hacks.com/2007/05/18/top-15-free-sql-injection-scanners

I’m not technical expert - just know what I know from running sites for a couple years. Good luck and glad to see you back!

]]>